Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-124337

[OAuth] Improve nonce-generation

    XMLWordPrintable

Details

    • Task
    • Resolution: Fixed
    • P2: Important
    • None
    • None
    • Network: Authentication
    • None

    Description

      Analyse QAbstractOAuthPrivate::generateRandomString(quint8 length) and possibly
      change it to use QRandomGenerator with more secure seeding than toMSecsSinceEpoch().

      These nonces are used by OIDC, as well as the 'state' in regular OAuth flows, and in future by PKCE

      Attachments

        Issue Links

          clones

          Task - A task that needs to be done. QTBUG-124336 [OAuth OIDC] Add nonce support

          • P2: Important - Urgent, should be fixed, but will not stop the release.
          • Closed
          is cloned by

          Task - A task that needs to be done. QTBUG-124338 [OAuth] Support private URI scheme redirection (Android, iOS)

          • P2: Important - Urgent, should be fixed, but will not stop the release.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              mmutz Marc Mutz
              vuokko Juha Vuolle
              Vladimir Minenko Vladimir Minenko
              Alex Blasche Alex Blasche
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes